Single sign-on
- create a short-term, restricted certificate (credential) from user's long-term, normal certificate
- "proxy certificate"
- computation / data access are authorized with proxy certificate
- user enters password only once�-- thus "single sign-ong
Start Video
